Gebruiksaanwijzing /service van het product LGB5128A van de fabrikant Black Box
Ga naar pagina of 257
B LAC K BO X ® Pro vid es ( 20 ) Giga bi t E the rn et S FP , ( 4 ) Gig abi t Et her ne t Co mbo R J - 45/ SFP , and (4 ) 1 G / 1 0G SFP+ connection s. Thi s m a n u a l c o n ta i n s i n f o rm a t io n f o r fi r m wa r e v e rsi on 1 .
ii LGB5128A User's Manual SFP Managed Swi tch Eco Firmware versi on 1.59 *Supports LFP416 with auto mode of link s peed on Ports 1 – 20 and does not support LFP415.
iii About This Manual Purpose This manual gives specific information on how to operate and use the manageme nt func tio ns o f the LGB5128A. Audience The manual is intended for use by network administrators who are responsible for operating and maintaining network equipmen t; consequently, it assumes a basic working knowledge of general switch functions, the Internet Protocol (IP), and Simple Network Management Pro tocol (SNMP) .
LGB5128A User Manual iv C AUT ION : Alert s y ou to a pot ent i al hazar d tha t coul d cau se los s of d at a, or damag e the s ys tem or eq ui p me n t.
v Table of Contents INTROD UCTION ................................................................................................................................................... 1 CHAPTER 1 OP ERATION OF WEB - BASED MANAGEMENT .
LGB5128A User Manual vi 3- 5.1 Instance ................................................................................................................................ .............. 63 3- 5.2 Port Configuration ...................
vii 3- 16.9 DSCP Classification ....................................................................................................................... 145 3- 16.10 QoS Control List Configur ation ......................................
LGB5128A User Manual viii 5- 3.3 Save User .......................................................................................................................................... 228 5- 3.4 Restore User .........................
ix DELETE THIS PAGE .
LGB5128A User Manual 1 INTRODUCTION Overview This user’s manual explains how to install and connect your network system to configure and monitor the LGB 5128A through its built - in CL I a nd Web via the RS - 232 serial interface and Ethernet ports.
LGB5128A User Manual 2 Chapter 1 Operation of Web-based Management Initial Configuration This chapter instructs you how to configure and manage the LG B5128A through the Web user interface. With this faci lity , you can easil y access and monitor status of all switches through any one port of the switch, including MIBs status, each port activity, Sp anning tree status, port aggregation status, multicast traffic , VLAN and priority status, illegal access record, and so on.
3 N OTE : DHCP is enabl ed on th e LGB5128A, but if you do n ot have a DHCP server to provide IP addresses to the switch, use the switch default ip 192.
LGB5128A User Manual 4 Chapte r 2 System Configuration This chapter describes all of the ba sic configuration tasks, including the switch’s system information and man agement ( for examp le, Time, Ac count, IP, Sy slog, and S NMP.
5 Parameter de scripti on: Model name: The model name of t his device. System descri ption: 8- port 10/ 100/1000BASE - T + 2 - Port TP/(100/1G) SFP Combo L2 Plus Managed Swit ch . Location: Where th is swit ch is loc ated .
LGB5128A User Manual 6 2- 1.2 Configuration You can identify the system by configurin g the contact information, nam e, and location of the switch. Web i nte rfa ce To configur e System I nformation i n the Web interface: 1.
LGB5128A User Manual 7 2- 2 Time This page configures the switch time. Time configuration includes Time Configuration and NTP Confi gurat ion. 2- 2.1 Manual The switch provides manual and automatic ways to set the system time via NTP.
LGB5128A User Manual 8 Time Set Offset: Provides the Dayli ght saving t ime set offset . The offset is given in minutes east of GMT. The val id range is from 1 to 144 0 minut es . defau lt is 60 min utes. Dayligh t Savi ngs Ty pe: Provide the Dayli ght savings t ype selection.
LGB5128A User Manual 9 2- 2.2 NTP NTP is Network Time Protocol and is used to sync the network time based on Greenwich Mean Time (GMT). If you use the NTP mode and select a buil t - in NTP time server or manual ly specify an user - defi ned NTP server as well as Time Zone, the sw itch will sync the time in shortly after pre ssing < Apply> button.
LGB5128A User Manual 10 2- 3 Account In this function, o nly the adm inistrator can crea te, m odify, o r delete the u sernam e an d password. The administrator can modify other guest identities’ passwords without conf irming the password but will also n eed to mod ify the ad ministrato r - equivalent ident ity.
11 Privilege Level : The privilege level of the user. The allowed range is 1 to 15. If the privilege level v alue is 15 , the user can acce ss all grou ps, i.e . he is g ranted the full control of the device.
LGB5128A User Manual 12 Figure 2 - 3. 2 : The Privile ge Level configuration Parameter de scripti on: Group Name The name identifying the privilege group. In most cases, a privilege level group consists of a single module (e.
13 Mainte nance: CLI: System Reboot, System Restore Defaul t, System Password, Configura tion Sa ve, Confi gurati on Load, and Fi rmware Load. Web: User s, Pri vil ege Lev els , a nd e very thi ng in Main tena nce. Debug: Onl y present in CLI.
LGB5128A User Manual 14 Figure2 - 4.1 : The IP configuration Parameter de scripti on: DHCP Client : Enable the DH CP client by checking this box. If DHCP fails and the configured IP add ress is zero, DHCP will retry.
15 2- 4.2 IPV6 This section describes how to configure the switch - managed IP v6 information. The Configu red column is used to view or chan ge the IPv6 conf igura tion. The Current column is used to show the active IPv6 configurati on.
LGB5128A User Manual 16 2-5 Syslog The Syslog is a st andard for logging program m essages . It allow s separation of the software that ge nerates mes sages from the sy stem that stores them and the software that reports and analyzes them.
17 2- 5.2 Log This sect ion how to display the system l og infor mation of the swit ch Web Int erf ac e To display the log configura tion in the Web int erface: 1. Click Sysl og, Log. 2. Display t he log inf ormation. Figure 2 - 5.
LGB5128A User Manual 18 2- 5.3 Detailed Log This sect ion descri bes that display the detai led log informati on of t he switch Web Int erf ac e To display the deta iled log configur ation in the Web in terface: 1. Click Sysl og, Detailed Log.
19 2-6 SNMP Any N etwork Management System (NMS) running the Simple Network Management Protocol (SNMP) can mana ge the M anaged devices e quipped w ith SNM P agent, p rovided tha t the Manageme nt Informa tion Base (MIB) is install ed correct ly on the managed devices.
LGB5128A User Manual 20 2- 6.2 Comm unities The function is used to conf igure SNMPv3 communities. The Community and User Name is unique. To create a new community account, please check <Add new community> button, and enter the account infor mation, then check <Save>.
21 2- 6.3 Users The function is used to configure SNM Pv3 user. The Entry index key is Us erNam e. To create a new UserNam e account, click on the <Add new user> button, and enter the user informa tion then check < Save> .
LGB5128A User Manual 22 MD5 : An optional flag to indi cate that t his user uses MD5 authenticat ion protocol. SHA : An opti onal flag to indicate that this user uses SHA authentication protocol. The value of security level cannot be modified if entry already exists.
23 2- 6.4 Groups The function is used to confi gure SNMPv3 group. The Entry index key are S ecurity Model and Securit y Name. To create a new gro up ac count, please check <Add new group> button, and enter the gr oup informati on then check <Save>.
LGB5128A User Manual 24 2- 6.5 Views The functio n is used to configure SNMPv3 view. The Entry index keys are OID Subtree and View Name. To create a new view accoun t, please click on the <Add new view> but ton, and enter the view i nformation then cli ck on <Save>.
25 OID Subt ree The OID defining t he root of the subtree t o add to the named vi ew. The allowed OID length is 1 to 128. The allowe d string con tent is di gital number or asterisk(*). Save Click t he Save icon to save t he confi gurati on to ROM.
LGB5128A User Manual 26 v2c: Reserved for SNMPv2c . usm: User - based Secur ity Model ( USM). Security Level Indicates the security mo del that this entry should belong to. Possible secu ri ty model s ar e: NoAuth, NoPriv: No authe nticat ion and no pr ivacy.
27 Parameters descripti on: Delete: Check <Delete> entry then clic k on the <Save> button, and the entry will be deleted. Trap Version: You may choose v1, v2c, or v3 trap. Server IP: Assign the SNMP Host IP add ress.
LGB5128A User Manual 28 Privacy Pro tocol: You can set DES encryption f or UserName. Privacy Pass word: The length of “Privacy Password” is r estricte d to 8 – 32.
29 Chapte r 3. Configuration This chapter desc ribes all of the basic net work configur ation task s, includ ing the Ports, Layer 2 network protocol (e.g., VLANs, QoS, IGMP, ACLs, and PoE, etc.), and any setting of t he switch.
LGB5128A User Manual 30 Parameter de scripti on: Port : This is t he logical port number f or this row. Link : The current link state is displayed graphically. Green indicates the link is up and red that it is down.
31 3- 1.2 Port Description The secti on describe s how to configure the Port’s alias o r any descripti on for the P ort Identit y. The user can write down an alphanumeric str ing describi ng the full name and version identifica tion for the system ’s hard ware typ e, softw are vers ion, and netwo rking app lication.
LGB5128A User Manual 32 3- 1.3 Traffic Overview The section describes the Port statistics information and provides an overview of ge neral traffic statistics for all switch ports. The ports belong to the currently selected stack unit, as reflected by the page header.
33 3- 1.4 Detailed Stati st ics The section describes how to provide detailed traffic statistic s for a specific switch port. Use the port select box to select which switch port details to display. The selected port belongs to the currently selected st ack unit, as ref lected by the page header.
LGB5128A User Manual 34 Rx and Tx Multic ast : The number of re ceived and tr ansmitted (good and bad) multic ast packets. Rx and Tx Broadcast : The number of re ceived and tr ansmitted (good and bad) broadcas t packets.
35 3- 1.5 Qos Statistics The sectio n describes how a swit ch displ ays the QoS detailed Queuing counters for a specif ic switch port, and for the different queues for all sw itch ports. The ports belong to the currently selected stack unit, as reflected by t he page header.
LGB5128A User Manual 36 3- 1.6 SFP Information The sec tion describes how a swit ch displays the SFP module detail information that you use to connect it to the switc h. T he information includes: Connec tor type, Fibe r ty pe, wavelength, baud rate, and Vendor OUI etc.
37 Vendor Rev ( Revision): Display the modu le rev ision. Vendor SN (Ser ial Number) : Show the seri al number ass igned by t he manufacturer . Date Co de: Show the date this SFP modul e wa s mad e. Temperature: Show the curr ent temperatur e of SFP modul e.
LGB5128A User Manual 38 Figure 3 - 1. 7 : The EEE Configurati on Parameter de scripti on: EEE Port Confi guration: The EEE port settings relate to the currently selected stack unit, as reflected by the page he ader. Port : The switch port number of t he logical EEE port.
39 3- 2.1 Ports The section describes how to confi gure the ACL parameters (ACE) of each swi tch port . These parameters will affect frames received on a port unl ess the fr ame matches a specifi c ACE. Web Int erf ac e To configur e the ACL Ports C onfiguratio n in the W eb interfa ce: 1.
LGB5128A User Manual 40 Mirro r : Specify th e mirror o peration of this port. The allowed val ues are: Enabled: Frames received on the port are m irrored. Disable d: Frames received on t he port are not mirrored. The default value is “Disabled.
41 Figure 3 - 2. 2 : The ACL Rate Limite r Configuration Parameter de scripti on: Rate Li miter I D : The rate l imiter ID for the se ttings cont ained in the same row. Rate The allowed values are: 0 - 3276700 in pps or 0, 100, 200, 300, .
LGB5128A User Manual 42 Web Int erf ac e To configur e Access Cont rol List in the Web inter face: 1. Click Configuration, ACL, then Confi guration. 2. Click the “+” button to add a new ACL, or use the other ACL modific ation buttons to specify the editing action (i.
43 Action : Indicates the forw arding action of the ACE. Permit: Frames matching the ACE may be f orwarded and learned. Deny: Frames matching the ACE are dropped. Rate Li miter : Indicates the rate limiter numb er of the ACE.
LGB5128A User Manual 44 Buttons Save – Click to sa ve changes. Reset - Click to undo any changes made locally and revert to previousl y saved values. Auto - refresh: To evoke the aut o - refresh to refresh the info rmation autom atically.
45 Deny: Frames matching the ACE are dropped. Rate Li miter : Indicates the rate limiter numb er of the ACE. T he a llowed range is 1 to 16. When Disa ble d i s d ispl aye d, the rat e l imiter ope ration is d isabled.
LGB5128A User Manual 46 Web Int erf ac e To configur e the Tr unk Aggregati on Hash mode and Aggregation Group in the Web int erface: 1. Click Conf iguration, Static Trunk, and then Aggr egation Mode Configurat ion. 2. Evoke to enabl e or disabl e the aggregat ion mode function.
47 Aggregation Group Confi guration Locality : Indicates the aggrega tion group type. This field is only valid for stacka ble switches. Global: The group m embers may reside on different units in the stack. The device supports two 8 - por t global aggregations.
LGB5128A User Manual 48 Figure 3 - 3.2.1: The LACP Port Co nfiguration Parameter de scripti on: Port : The switch port number. LACP Enabled : Controls wheth er L ACP i s en abled on thi s swi tch port. L ACP wi ll form an aggregation when 2 or more ports are connected to the same partner.
49 3- 3.2.2 System Status This section describes how to set LACP function on the switch to provide a status overview for all LACP inst ances. Web Int erf ac e To display the LACP Syst em status in the Web interface : 1.
LGB5128A User Manual 50 3- 3.2.3 Port Status This section describes how t o set LACP functi on on the switch then to provide a Port Status overview for all LACP instances. Web I nt erf ace To display the LACP Port status in the Web interfac e: 1.
51 3- 3.2.4 Port Statisti cs This section describes how to set LACP function on the switch to provide a Port Statisti cs overview for all LACP instances. Web Int erf ac e To display t he LACP Port stat us in the Web interface: 1.
LGB5128A User Manual 52 3-4 Spanning Tree The Spanning Tr ee Protocol (STP) can be used to detect and disabl e network l oops, and to provide backup l inks between swit ches, bridges, or router s. This al lows the swit ch to int eract with othe r bridging devices (that is, an STP - compliant switch, bridge, or rout er) in your network to ensur e that onl y one route exi sts between any two stations on the networ k, and provide backup l inks that automatically take over when a primary li nk goes down.
53 Figure 3 -4.1 : The STP Bridge C onfiguration Parameter de scripti on: Basic Settings Protocol Version : The STP protocol version set ting. Vali d values ar e STP, RSTP, and MSTP. Bridge Pri ority : Controls the bridge priority.
LGB5128A User Manual 54 Advanced Settings Edge Port BPDU Fil tering : Contro l w hether a port ex plicitly con figured a s Edge will trans mit and receive BPDUs. Edge Port BPDU Guard : Control whether a port explicitl y configured as Edge will disable itself upon reception of a BPDU.
55 Figure 3 -4.2 : The MSTI Co nfigur ation Parameter de scripti on: Configuration Identification Configuration Name : The name identifying the VLAN to M STI mapping. Bridges must share the name and revision (see below), as well as the VLAN - to - MSTI mapping confi gurati on in order to sh are spann ing trees for M STI's (Int ra - region).
LGB5128A User Manual 56 Web Int erf ac e To configur e the Spann ing Tree MSTI Priorit ies parameter s in t he Web inte rface: 1. Click Conf iguration, Spanning Tree, MSTI Priori ties. 2. Scroll the Priori ty. The maximum is 240.
57 Figure 3 - 4. 4 : The STP CIST Por t Configuration Parameter de scripti on: Port : The switch port number of t he logical STP port. STP Enabled : Controls whether STP is enabled o n this switch port. Path Cost : Controls the path cost incurred by the port.
LGB5128A User Manual 58 Restric ted Role : If e nabled, this cau ses the port not to be selected as R oot Port for the C IST or any MSTI, even i f it ha s th e be st sp anning tree prio rity v ector. Such a port w ill be selected as an Alternate Port after the Root Port has been selected.
59 Figure 3 - 4. 5 : The MSTI Port Configur ation Parameter de scripti on: Port : The switch port number of t he corresponding STP CIST (and MSTI) port. Path Cost : Controls the path cost incurred by the port.
LGB5128A User Manual 60 3- 4.6 Bridge Status After you compl ete the MSTI Port confi gurati on, you could to ask the swi tch t o displ ay the Bridge St atus. The Sect ion pr ovides a statu s overvi ew of a ll STP bridge instances.
61 3- 4.7 Port Status After you complete the STP configur ation, you could to ask the switch to display the STP Port Status. The section explains how to ask the switch to display the STP CIST port status for physical port s of the currently s elected switch.
LGB5128A User Manual 62 3- 4.8 Port Statisti cs After you complete the STP configurati on, then you can to enable the switch to display the STP Statis tics. The sectio n explains how to ask the switch to display the STP Statist ics detail counters of bridge port s in the currentl y selected switch.
63 It means th e switch supports the MRSTP. Several spanning trees exist at the same time and these sp anning tre es won ’t affect eac h other. A switch supports M RSTP and accepts two or m ore RSTP in signal equipment.
LGB5128A User Manual 64 Priorit y : The priority parameter used in the CIST (Comm on and Internal Spanning Tree) connection. 0 / 4096 / 8192 / 12288 / 16384 / 20480 / 24576 / 28672 / 32768 / 36864 / 40960 / 45056 / 49152 / 53248 / 57344 / 61440.
LGB5128A User Manual 65 3- 5.2 Port Configuration The chapter describes how to configure the MRSTP port. After you configure the MRSTP instance , the n y ou c an a ssign the p ort to join the ins tance and se t th e pa ramete rs t o implem ent MR STP.
LGB5128A User Manual 66 Parameter de scripti on: Port: The physical port index available va lue is 1 to 24. Instance : Every MRSTP inst ance must have a unique i nstance ID. Path Cost : Select “Auto” or “Specific.
67 3- 5.3 Port Status The section describes how to configure a M RSTP Port status table. You will see the MRSTP configuration result, each port that joins the MRSTP group, and its st atistics. Web Int erf ac e To view th e MRSTP Port sta tus in t he Web inte rface: 1.
LGB5128A User Manual 68 Display s the port priorit y. Priori ty here means Port Prior ity. Port Priority and Port Num ber are m ixed to form the Port ID. Port IDs are often com pared in order to determine which port of a bridge would become the Root Port.
69 Figure 3 -5.1 : The IGMP Snooping Configuration. Parameter de scripti on: Snooping Enable d: Enable the Gl obal IGMP Snoopi ng. Unregist ered IPMC v4 Flooding enabled : Enable unregi stered IPMCv4 traffic flooding.
LGB5128A User Manual 70 3- 5.2 VLAN Configuration The sec tion describes the VLAN configurati on s etting process integr ated with the I GMP Snooping fu nction. Each setti ng page shows up t o 99 entrie s from the VLAN ta ble (the de fault is 20) selecte d through t he "entries per page" input field.
71 QRI : Query Response Inte rval. The M ax. Response Time used to calcu late the Ma x. R esp. Code insert ed into the periodi c General Queri es. The allowed range is 0 to 31744 in te nths of seconds; def ault query response interv al is 100 in tenths of seconds (10 seconds).
LGB5128A User Manual 72 Figure 3 -5.3 : The IGMP Snoop ing Port Group Filt ering Configurati on. Parameter de scripti on: Delete : Check t o del ete t he ent ry. It wi ll be del eted during the next save. Port : Enable t he IGMP Sno oping Por t Group Filte ring f unction on the port.
73 3- 5.4 Status After you complet e the IGMP Snooping configura tion, the s witch can display the I GMP Snooping Status. The sec tion e xplains how to displa y the I GMP Snooping detai l stat us. Web Int erf ac e To display the IGMP Snoopi ng status in th e Web interf ace: 1.
LGB5128A User Manual 74 V2 Leaves Rec eived : The number of Received V2 Leaves . Auto - refresh Click the box next to auto - refresh and the device will refresh the log automatically. Upper ri ght i con (Ref resh, clear) Click o n these icons t o refr esh the Status or cl ear manuall y.
75 3- 5.6 IPv4 SSM information Source Speci fic Mul ticast (SSM) is a d atagram del ivery model that b est suppor ts one - to - many applications, also known as broadcast applications. SSM is a core network technology of IP multicast t argeted for audio and video broadcast appli cation environments .
LGB5128A User Manual 76 Port : Switch p ort nu mber. Mode : Indicates the filtering m ode maintained pe r (V LAN ID, por t nu mber, Group Address) basis. It can be e ither Includ e or Exc lude. Source Address : IP Ad dress o f the s ource.
77 3- 6.1 Basic Configuration The section explains how to configure the MLD Snooping basic configuration and the parameters. Web Interface To configur e the MLD Snoo ping Configu ration i n the Web i nterface: 1. Click Configuration, MLD Snooping, Basic Configuration.
LGB5128A User Manual 78 Port: The Port i ndex to e nable or d isable t he MLD Snooping f unction. Fast Leave : Enable t he fas t leave on the port. Router Po rt : Specify which ports act as rout er ports .
79 Compatibilit y : Compatib ilit y is maintain ed by hosts and routers taking appropriate actions depending on the ver sions o f MLD opera ting on hosts and routers within a netw ork. T he allow ed selection is MLD - Auto , Forced MLDv1 , Forced MLDv2 , default compatibility value is MLD - Auto.
LGB5128A User Manual 80 Figure 3 - 7. 3 : The MLD Snoopin g Port Group Fil tering Confi guration Parameter de scripti on: Delete : Check t o del ete t he ent ry. It wi ll be del eted during the next save. Port : The logical port for the set tings.
81 Figure 3 -6.4 : The MLD Snoop ing Status Parameter de scripti on: VLAN ID : The VLAN ID of the en try. Querier Vers ion : The current ly workin g Querier Ver sion. Host Ve rsion : The current ly workin g Host Versi on.
LGB5128A User Manual 82 Web Int erf ac e To display the MLD Snoopi ng Group inf ormation i n the Web i nterface: 1. Click Configuration, MLD Snooping, Group I nformation. 2. If you w ant to auto - refresh the info rmation then you need to check the “Au to - refresh” box.
83 3- 6.6 IPv6 SSM Information The section describes how to configure the Entries in the MLDv2 Informati on Table are shown on this page. The M LDv2 Information Table is sorted first by VLAN ID, then by group, and then by Port N o.
LGB5128A User Manual 84 3-7 MVR The MVR feature enables multicast traffic forwarding on the Multicast VLAN. In a multicast television appl ication, a PC or a television wi th a set - top box can rec eive the multica st stream.
85 Immediate Leave : Enable t he fas t leave on the port. Buttons: Save – Click to sa ve changes. Reset - Click to undo any cha nges made local ly and rever t to previ ously saved values. 3- 7.2 Groups I nfor mation The section describes how to display the MVR Groups detail informati on on the switch.
LGB5128A User Manual 86 3- 7.3 Statistics The section descr ibes how th e switch will di splay the MVR detail Statist ics aft er you configured MVR on the switch. It provides the detail MVR Statistics Information. Web Int erf ac e To display the MVR Stat istics Informati on in the Web interf ace: 1.
87 3- 8 LLDP The switch supports the LLDP. For current information on your switch model, the Link Layer Discovery Protocol (LLDP) provides a standards - based method for enabling switches to advertise th emselves to ad jacent devices an d to learn about adjacent LLD P devices .
LGB5128A User Manual 88 Tx Hold : Each LLDP frame conta ins informa tion abou t how long th e informa tion in the LLDP fram e will be consid ered vali d. The LLDP information valid pe riod is set to Tx Ho ld multiplie d by Tx Interv al seconds.
89 N OTE : When CDP awareness on a port is dis abled, the CDP informa tion isn't re moved imme diately, bu t gets w hen the hold time is exceeded. Port Descr : Option al TLV : W hen checke d the "p ort description" is included in LLDP in formatio n transmitte d.
LGB5128A User Manual 90 Parameter de scripti on: Local Port : The port on which t he LLDP frame was received. Chassis ID : The Chassis ID is t he identi ficati on of t he neighbor' s LLDP fra mes. Remote Port ID : The Remote Port ID is the ident ificat ion of the neighbor port.
91 3- 8.3 LLDP - MED Conf igu rat ion Media Endpoint Discovery is an enhancement of LLDP, known as LLDP - MED, that pr ovid es the follow ing facilities: Auto - discovery of LAN policies (such as VLAN, Layer 2 Priority, and Differentiated services (Diffserv) settings) e nabling plug - and - play networking.
LGB5128A User Manual 92 Parameter de scripti on: Fast start repeat count Rapid startup an d Emergency Call S ervice Location Identification Discovery of endpoints is a critically important aspe ct of VoIP systems in general.
93 NAD83/MLLW: Nor th American Datum 1983, CRS Code 4269, Prime Merid ian Name: Greenwi ch; The associated vertical datum is Mean Lower Low Wat er (MLLW). This datum pair is t o be used when ref erencing locat ions on water/ sea/ocean.
LGB5128A User Manual 94 Floor : Floor - Example: 4. Room no. : Room number - Example: 45 0F. Place type : Place t ype - Example: Office. Postal community name : Postal community name - Example: Leonia.
95 NOTE: LLDP - MED is n ot in te nde d to ru n on li nk s oth er t h an between Network Connect ivity Devices and E ndpoint s, s o it does not ne ed to advert ise the mul tit ude of netwo rk pol ici es tha t frequen tly run on a n aggreg ated link in terior to the LAN.
LGB5128A User Manual 96 L2 Priority : L2 Priority is the Layer 2 priority to be used fo r the specified application typ e. L2 Prio rity may spec ify one of eight priori ty levels (0 thr ough 7), as defined by IEEE 802.
97 LLDP - MED Network Connec tivi ty Devic es, as defin ed in TIA - 1057, provide access to the IEEE 8 02 ba sed LA N infrastr ucture fo r LLDP - MED End point Devices. An LLDP - MED Network Connectiv ity De vice i s a LAN access dev ice ba sed on a ny of t he fo llowi ng technologies: 1.
LGB5128A User Manual 98 2. Network Poli cy 3. Location Identific ation 4. Extended Power vi a MDI - PSE 5. Extended Power vi a MDI - PD 6. Inventory 7. Reserved Applicat ion Ty pe : Applicat ion Type indicati ng the primary function of the applica tion(s ) defin ed for this network policy, advertised by an Endpoint or Network C onnectivity Device.
99 Priorit y : Priori ty i s the Layer 2 priority to be used for the specified applicatio n type. Cho ose one of the eight p riority levels (0 through 7). DSCP : DSCP is the DSCP value to be used to provide Diffserv node behavior for the specified application t ype as defined in IETF RFC 2474.
LGB5128A User Manual 100 Echo Tx Tw : The link partner' s Echo Tx Tw valu e. The respecti ve echo values will be defined as the local link par tner’s r eflecti on (echo) of the remote link p artner’s re spective values.
101 3- 8.6 Port Statisti cs Two typ es of coun ters are shown. Global counters are counters that refer to the whole stack of switches, while local counters ref er to per port counter s for t he currentl y selected swit ch.
LGB5128A User Manual 102 Rx Frames : The number of LLDP frame s received on the p ort. Rx Error s : The number of rec eived LLDP frames con taining som e kind o f error. Frames Discarded : If an LLDP fr ame is received on a port, and the sw itch's internal table is full, the LLDP frame is counted and dis carded.
103 3- 9 Filtering Data Base Filteri ng Data Base Configuration gathers many function s that cannot be categorized to some function ty pe, includ ing MAC Table In formatio n and Sta tic MAC Learnin g. MAC ta ble Frame switching is based upon the DM AC address contained in the frame.
LGB5128A User Manual 104 Parameter de scripti on: Aging Conf igurat ion : By default, dynamic entrie s are removed from the MAC table after 300 seconds. This removal is als o called aging. Configu re agi ng t ime by enter ing a value here in s econds; for exampl e, Age time seconds .
105 3- 9.2 Dynamic MAC Table Entries in the MAC Tabl e are show n on this page. The MAC Table contains up to 8192 entries, and is sorted first by VLAN ID , then by MAC addres s. Web Int erf ac e To Display the MAC Address Table in the Web in terface: 1.
LGB5128A User Manual 106 3-10 VLAN Assign a specif ic VLAN for manag ement. The management VLAN is used to establ ish an IP connection to the switch fr om a workstation connected to a port in the VLAN. This connection supports a VSM, SNMP, and Telnet session.
107 Port Members : A row of ch eck boxes for each port i s displa yed for each VLAN ID. To in clude a port in a VLAN, check the box. To remove or exclude the port from the VLAN, make sure the box is unchecked.
LGB5128A User Manual 108 Figure 3 -10.2 : The VLAN Port Configuration Parameter de scripti on: Ethertype for Custom S - ports : This field specifies the ether type used for Custom S - ports. This is a global setting for all the C ustom S - ports.
109 If Sp ecific (the defau lt valu e) is se lected, a Port VLA N ID c an be configure d ( see below) . Untagged frames received on the port are classified to the Port VLAN ID. If VLAN awareness is disabled, all frames received on the port are classified to the Port VLAN ID.
LGB5128A User Manual 110 spanning trees in a network, which signif icantly improves network resource use while maint aini ng a l oop - free environm ent. VLAN ID : Indicates the ID of th i s particular VLAN. VLAN Membership : The VLAN Membership Status Page will show the current VLAN port m embers for all VLANs configur ed by a selecte d VLAN User (select ed via a Combo Box).
111 ingress filtering is enable d an d the ingr ess p ort is not a memb er of the classifie d V LAN, the frame is d iscarded . Frame Type : Sho ws whethe r the port accepts all frames or only tagged frames. This pa rameter affec ts VLAN ingress processing.
LGB5128A User Manual 112 Figure 3-10 .5 .1: The Private VLAN Me mbership Configura tion Parameter de scripti on: Delete : To delete a private VLAN entry, check this box. The entry will be deleted during the next save.
113 Figure 3 -10 .5. 2 : The Port Isolation Configurati on Parameter de scripti on: Port Members : A check box is provide d for each port of a private VLAN. When checked, port isola tion is enabled on that port.
LGB5128A User Manual 114 Figure 3 -10.6 .1 : The MAC - based VLAN Membership Configuration Parameter de scripti on: Delete : To delete a MAC - based VLAN entry, check this box and press save. The entry will be deleted on the selected swit ch in the stack.
115 3- 10.6.2 Status This section shows MAC - based VLAN entries configured by var ious MAC - based VLAN users. Current ly, we supp ort f ollo wing VL AN User types: NAS : NAS provides port - based authenticati on, which involves comm unications between a Supplican t, Aut hentica tor, and an Aut hentic atio n Server.
LGB5128A User Manual 116 3- 10.7 Protocol - based VLAN This sect ion descri bes Protoc ol - based VLAN, Protocol s supported by the switch i nclude Ethernet LLC and SNAP. LLC The Logical Link Control (LLC) data com munication protocol layer is the upper su b - layer of the Data Link Layer (whi ch is itself layer 2, just abov e the Physical Layer ) in the seven - layer OSI reference model .
117 2. LLC 3. SNAP N OTE : On changing the Frame type field, valid value of the following text field will va ry depe nding o n the n ew fram e type you selec ted . Value : Valid value that can be entered in this text field depends on the option selecte d from the preceding Frame Type sel ection menu.
LGB5128A User Manual 118 3- 10.7.2 Group to VLAN This se ction allows you to map a alr eady - configure d G roup Name to a VLAN fo r the selected switch unit in t he switch stack. Web Int erf ac e To Display Group Name to VLAN map ping ta ble conf igur ed in the Web int erf ace: 1.
119 Buttons: Save – Click to sa ve changes. Reset - Click to undo any cha nges made local ly and rever t to previ ously saved values. Auto - refresh : Check the bo x next to aut o - refresh an d the device will refresh the info rmation automatica lly.
LGB5128A User Manual 120 Parameter de scripti on: Port : The Port column shows the list of ports for which you can configure GARP set tings. There are 2 types configuration settings t hat can be c onfigured on per port bases.
121 3- 12.2 Statistics The sectio n describes GARP port st atisti cs http://192.0.2.1/help/glossary.htm - qos for all switch ports. The port statistics relate to the cur rently selected stack unit , as reflected by the page header.
LGB5128A User Manual 122 3-13 GVRP GVRP is an ap plic ation based on Gene ric Attr ibute Regis trat ion P rotoc ol ( GARP), mainly used to automati cally and dynamical ly maintain the VLAN group membership i nformation. The GVRP provides the VLAN reg istrati on servic e through a GARP applicat ion.
123 1. GVRP Mode This confi gu ration is to enable/d isable GVR P Mode o n particular port loc ally. Disable : Select to Di sable GVRP mode on t his po rt. Enable: Sel ect t o Enable GVRP mode on this port. The default value of confi guration is disabl e.
LGB5128A User Manual 124 3- 13.2 Statistics The sectio n describes how to show the basic GVRP Port sta tisti cs for all switch ports. The statistics r elate to the current ly selected stack unit , as reflected by the page header.
125 3- 14 MRP This standard specifies protocols, procedures, and managed objects to support the Multiple Regist ratio n Protoc ol (MRP). MRP allows partici pants in a MRP Appli catio n to register attributes with other participants in a B ridged Local Area Network.
LGB5128A User Manual 126 Applicat ion : Current ly t he onl y sup ported appli cati on is MVRP. Attrib ute Type : Current ly t he onl y sup ported Attr ibute Type is VLAN. MRP Appl ica nt : This configurati on is used to conf igure the Appli cant state m achine behavior for MRP on a perticular port local ly.
127 3- 14.2 Statistics This page provides MRP port statis tics for all switch ports. The port statistics relate to the currently selected st ack unit, as ref lected by the page header. Web Int erf ac e To display MR P Por t st atistics in the Web in terface: 1.
LGB5128A User Manual 128 3-15 MVRP The Multiple VLAN Registrati on Protocol (MVRP) defines an MRP applicati on that provides the VLAN registration service. MVRP provides a m echanis m for dy namic mainten ance of the contents of D ynamic VLA N Registration Entries for each V LAN, and f or propagating the informa tion the y cont ain to other Brid ges.
129 Disable : Select to Di sable MVRP mode on t his por t. Enable: Sel ect t o Enable MVRP mode on this port. The default value of confi guration is disabl e. 2. MVRP rrole This confi gur ation i s used to conf igure rest ricted rol e on an int erface.
LGB5128A User Manual 130 3- 15.2 Statistics This page shows the basic MVRP Po rt stat isti cs for all switch por ts. The st atist ics rel ate to the currently selected st ack unit, as ref lected by the page header. Web Int erf ac e To display MV RP Por t statistics in the Web i nterface: 1.
131 3- 16 QoS The switch supports four QoS queues per port with strict or weighted fair qu euing scheduling. It suppo rts Qo S Con trol Lists (QCL) for adv anced program mab le QoS classific ation, ba sed on IEEE 8 02.1p, Eth ertype, V ID, IPv4/IP v6, DS CP, and UDP/T CP po rts and ra nges.
LGB5128A User Manual 132 Parameter de scripti on: Port : The port number for whi ch the co nfigurati on below app lies. QoS cl ass : Control s the default QoS class, i.e., the QoS class for frames not classif ied in any other way.
133 3- 16.2 Port Policing This section pro vides an overview of QoS Ingress Port Policers for all switch port s The Port Polici ng is useful in cons traini ng traffi c flows and markin g frames above specif ic rates . Polici ng is primarily useful for data flows and voice or video flows because voice and video usually maintai n a steady r ate of tr affic.
LGB5128A User Manual 134 3- 16.3 Port Scheduler This section provi des an overview of QoS Egress Port Schedulers for all switc h ports. and the ports belong t o the curr ently select ed stack uni t, as ref lected by t he page header. Web Int erf ac e To display the QoS Port Schedulers in the Web interf ace: 1.
135 Parameter de scripti on: Port : The logical port for the settings contained in the sam e row. Click on the port num ber in order to conf igure the schedulers. Mode : Shows the schedul ing mode f or th is port .
LGB5128A User Manual 136 Queue Sch eduler Perce nt : Shows the weight in percent for this queue. This parameter is only shown if "Scheduler Mode" is set to "Wei ghte d." Port Shaper Enable : Control s whet her t he por t sha per i s enabl ed f or th is swi tch port.
137 If&you&sele ct&the&sche duler& mode&w ith& wigh ted& then & the&screen& will&ch ange& as& the&figure.
LGB5128A User Manual 138 Parameter de scripti on: Port : The logical port for the settings contained in the sam e row. Click on the port num ber in order to conf igure the shapers. Shapers (Qn) : Shows "di sabled" or act ual queu e shaper rate - e.
139 3- 16.5 Port Tag Remarking The Section provides user to get an overview of QoS Egress Port Tag Remarking for all switch ports. Others the ports belong to the currently selected stack unit , as reflected by the page header.
LGB5128A User Manual 140 3- 16.6 Port DSCP The section will teach the user how to set the QoS Port DSCP configuration that allowed you to configur e the basic QoS Port DSCP Configurati on settings for all switch ports.
141 • All: Classif y all DSCP. Egress : Port Egr ess Rewri ting can be o ne of t hese par ameters: • Disabl e: No Egress rewri te. • Enable: Rewrite enable without remapped. • Remap: DSCP from analyze r is remappe d and frame is re m arked with remapped DSCP valu e.
LGB5128A User Manual 142 Figure 3 -16.7 : The DSCP - Based QoS Ingress Classifi cation Confi guration Parameter de scripti on: • DSCP : Maximum numbe r o f s uppor ted DSCP value s ar e 6 4. • Trust : Click to c heck i f t he DSCP v alue i s tr usted.
143 3- 16.8 DSCP Translation The section describes how to configure the basic QoS DSCP Translati on settings for all switches. DSCP translation can be done i n Ingress or Egress. Web Int erf ac e To configur e the DSCP Tr anslation parameters i n the Web interfac e: 1.
LGB5128A User Manual 144 Ingress : Ingress side DSC P can be first tran slated to new D SCP before using the DS CP for QoS class and DPL map. There are t wo config uration pa rameters fo r DSCP Translat ion – 1.
145 3- 16.9 DSCP Classification This sect ion descri bes how to configur e and map a DSCP va lue to a QoS Class an d DPL value. The settings relate to the currently select ed stack unit, as reflected by t he page header. Web Int erf ac e To configur e the DSCP Cl assificat ion paramet ers in the Web interface : 1.
LGB5128A User Manual 146 3- 16.10 QoS Control List Confi guratio n The section shows the QoS Control List ( QCL ), which is made up of the QCE s. Each row describes a QCE that is defined. The maximum number of QCEs is 256 on each switch.
147 Ethernet: Only Ether net f rames (wit h Ethe r Type 0x600 - 0xFFFF) are all owed. LLC: Only ( LLC ) frames are allowe d. SNAP: Only ( SNAP ) frames are allow ed IPv4: The QCE will match onl y IPV4 fr ames. IPv6: The QCE will match onl y IPV6 fr ames.
LGB5128A User Manual 148 VID: Valid value of VLAN ID can be any value in the range 1 - 4095 or “Any”; a user can enter either a specifi c value or a range of VIDs. PCP Priority Code Point : Valid value PCP are specific (0, 1, 2, 3, 4, 5, 6, 7) or ran ge (0 - 1, 2- 3, 4 - 5, 6 - 7, 0 - 3, 4 - 7) or “Any.
149 Action Configur ation : Class QoS Clas s: "class (0 - 7)", def ault - basic classi fication. DP: Val id DP Level can b e (0 - 3)", default - basic cl assificat ion. DSCP: Val id d scp val ue ca n be ( 0 - 63, BE, CS1 - CS7, EF or AF11 - AF43) .
LGB5128A User Manual 150 Action : Indicates the cla ssification action tak en on ingress frame if parameters configured are match ed wi th the fr ame's con tent . There are t hree acti on fiel ds: Class , DPL, and DSCP.
151 Parameter de scripti on: Frame Type : The settings in a particular row apply to the frame type listed here: Unicast, Multicast, or Broadcast . Enable : Enable or disab le the storm c ontrol status for the giv en frame type.
LGB5128A User Manual 152 Parameter de scripti on: Receiver Id : The “Receiver ID” input fields allow the user to select the receiver ID. It indicates the ID of this p articular sFlow Re ceiver. Curren tly, on e ID is suppo rted and one collector is supported.
153 3- 18.2 Sampler The sect ion displays the sFlow sampler what you set or you can edit it for your requirement. That will help user based on a defined sampling rate, an average of 1 out of N packets/operati ons is randomly sampled.
LGB5128A User Manual 154 Max Hdr Si ze : Configu red s ize of the header of the sa mpled f rame. Polling I nterval : Configu red po llin g int erval for the counter sampl ing. Butto ns: Circle - E button — Edi ts the Dat a source sampl er configu ration.
155 Figure 3 -20 .1: The Mirror Co nfiguration Parameter de scripti on: Port to mirror on : Port to mirror i s also known as the mirror port . Frames from ports that have either sourc e (rx) or de stination (tx) m irroring en abled are mirrored o n this po rt.
LGB5128A User Manual 156 Buttons: Save – Click to sa ve changes. R eset - Click to undo any changes m ade locally and rever t to previ ously saved values. 3-20 Trap Event Severity Use th is f uncti on to set a Alar m trap and g et t he Event log .
157 3-21 SMTP Configuration Use this function to set a Alarm trap. When the switch alarm goes off, you can se t the SM TP server to send you the alar m mail. Web Int erf ac e To configur e the SMTP Conf igurati on in th e Web interf ace: 1.
LGB5128A User Manual 158 3- 22 802.3ah OAM For Carrier Ethernet applicati ons, you can reduce operating costs and increase the remote access for maintenance. Using E thernet as a m etropolitan and wide - area networking technolo gy requires a n ew set of OAM p rotocols.
159 Parameter de scripti on: Port Members : The switch port number and index f or port configur ation I EEE 802.3ah OAM. OAM Enabl ed : You can set OAM enable or disable on the Port. Controls whether Link OAM is enabled on this switch port.
LGB5128A User Manual 160 3- 22.2 Event Config This chapter explains how to inspect and chan ge the current Link OA M Event configu rations . It allows you to s et wha t kind of event trigg ers the 802.3ah OAM monito r and m anag ement function.
161 Frame Period Error Event: The Errored Fr ame Period Event TLV counts the nu mber o f er ror ed f rames det ecte d dur ing the s pecified period. Th e pe riod is specified by a nu mber of receive d fram es. T his e vent is generated if the errored frame count is greater than or equal to the specified threshol d for that pe riod (for example , if the errored frame count is greater than or equal to 10 for the last 1,00 0,000 frames receive d).
LGB5128A User Manual 162 3- 22.3 Po rt Status When y ou co nfi gur e th e IEE E802 .3a h OAM, then the swit ch w il l di spl ay t he Po rt St at us i n thi s page. It provides Link OAM configuration operational status. The displayed field shows the active confi guration st atus for t he selected port.
163 Link Monitoring Support : If status is e nabled, D TE sup ports inter preting Lin k Events . The field w ill show e nabled. MIB Ret rie val Suppor t : If status is e nabled, DTE suppor ts sen ding V ariable Respon se O AMPD Us.
LGB5128A User Manual 164 3- 22.4 Link Events This chapter explains how to inspect and change the current Link OAM Link Event configurations. The Link OAM Link Event status rel ate to the currently selected stack unit, a s reflected b y the p age hea der.
165 Total Frame Error Events : This four - octet field indicates the number of Errored Frame Event TLVs that have been generated since the OAM sub - layer wa s reset. Frame Period Error Event Timestamp : This two - octet field indicates the time reference when the event was generated, in 100 ms intervals .
LGB5128A User Manual 166 Event Seconds Summary Error Total : This four - octet field indicates the sum of errored frame seconds that have been detected since the OAM sub - layer w as reset . Event Seconds Summary Event Tot al : This four - octet field indicat es the number of Errored Frame Seconds Summary Event TLVs that have been g enerate d since th e OAM sub - lay er was reset, encode d as a 32bit unsigned integer.
LGB5128A User Manual 167 3- 22.5 Statist ics This chapter explains how to provide detailed OA M traf fic statistics for a specific switch port. Use the port select box to select which switch port details to display.
LGB5128A User Manual 168 Rx and Tx Variabl e Re sponse : A count of the number of Variabl e Response O AMPDUs received and transmitted on this interface . Rx and Tx Org Speci fic PDU’s : A count of t he number of Organi zation Specif ic OAMPDUs t ransmitt ed on this interf ace.
169 3-23 Ethernet OAM The chapter describes the Ethernet OAM configurati on. Before you configure the Ethernet OAM, you need to under stand MEP (Maintenan ce Enti ty Point). The MEP means the Points at the edge of the domain define the boundary for the dom ain.
LGB5128A User Manual 170 Ingress : This is a Ingress (dow n) MEP — monit ori ng i ngr ess tra ffi c on “Re side nce Port .” Egress: This is a Egress (up) MEP — monito ring egr ess tr affi c o n “ Resid ence Port .
171 3-23 EPS The chapter descr ibes the Ether net Protect ion Switchin g (EPS). Ethernet (Linear) Protection Switch i nstance s are c onfigur ed here. Web Int erf ac e To configur e the EPS i n the Web i nterface: 1. Click Conf iguration, EPS.
LGB5128A User Manual 172 W SF ME P: This fi eld assi gns the work ing Signal Fail re porting MEP. P SF MEP: This fi eld assi gns the pr otecting Signal Fai l report ing MEP. APS MEP: This fi eld assi gns the APS PDU ha ndling MEP.
173 3-23 ERPS The chapt er desc ribes Ethernet Ring Prot ection Switching (ERPS ). ITU - T under G.8032 recomm ended this to pro vide sub - 50ms prot ection and recovery switching for Ethernet traffic in a rin g topo logy, a nd at the sa me tim e ens uring th at there are no loop s form ed at the Ethernet layer .
LGB5128A User Manual 174 The West APS PDU handling M EP. Only one APS MEP is ass ociated with interconnecte d sub - ring withou t virtual chann el, and it is c onfigured a s "0" for suc h ring instan ces.
175 3-22 PTP For C arrier Ethernet application, PTP is an acronym for Precision Time Protocol, a network protocol for synchronizing the clocks of computer systems. The chapter explains how to configure and inspect the current PTP clock settings.
LGB5128A User Manual 176 External Enable : This Select ion box will al low you to conf igure the E xternal Clock ou tput. The foll owing values are possi ble: 1. True : En able t he exter nal cl ock out put. 2. False : Di sable the extern al cl ock o utput.
177 N OTE : IPv4 unicast protocol only wo rks in Master only and Slave only clocks. See parameter Device Type. In a unicast Slave, the only clocks you need to configure are the m aster clocks to request Annou nce and Syn c messages from .
LGB5128A User Manual 178 3- 22.2 Status This chapter allows the user to m onitor the PTP configuration stat us and inspect the current PTP clock setti ngs. Web Int erf ac e To monitor the PTP st atus in t he Web int erface: 1.
179 5.SlaveOnly - Clock 's Dev ice Ty pe is Slave Only. Port List : Shows the ports configu red for that Clock Instance . Auto - refresh : Click t he box next to auto - refresh and to enable an automatic refr esh of the page at regular intervals .
LGB5128A User Manual 180 Chapte r 4. Security This chapt er desc ribes all of th e switch securi ty conf igurati on task s t hat enhance the security of local networks, including IP Source Guard, A RP Inspection, DHCP Snooping, AAA, etc.
181 Parameter de scripti on: Mode o f I P Sour ce Gu ard Confi gurat ion : Enable the Globa l IP Source Guard or disable the Globa l IP Source Guard. Al l configured ACEs will be l ost when the mode is enab led. Port Mode Conf iguration : Specify which port s IP Source Guard is enabled on.
LGB5128A User Manual 182 4- 1.2 Static Table The section descr ibes how to confi gure the Stat ic IP Source Guard Tabl e parameters of the switch. You could use the Stat ic IP Source Guard Table configure t o manage the entr ies.
183 4- 1.3 Dynamic Table The sect ion describes hhow to configure the Dynamic IP Source Guard Tab le parameters of the switc h. You c ould us e the Dy namic IP Sour ce Gua rd Table configure to ma nage the entries.
LGB5128A User Manual 184 4-2 ARP Insprction The sectio n describes how to conf igure t he ARP Inspect ion parameter s of t he switch. You could use the ARP Inspection configure to manage the ARP table. 4- 2.1 Configuration This sect ion descri bes how to configur e ARP Inspecti on sett ing incl uding: Mode (Enabled and Disabled) Port ( Enabled a nd Disabl ed) Web Int erf ac e To configur e an ARP In spection Conf igurati on in t he Web inter face: 1.
185 4- 2.2 Static Table The sectio n describes how to conf igure t he Static ARP Inspecti on Table parameters of the switch. You co uld use the St atic ARP Inspect ion Tab le conf igure to manage the ARP e ntries. Web Int erf ac e To configur e a Stat ic ARP Inspect ion Table Configurat ion in the Web int erface: 1.
LGB5128A User Manual 186 4- 2.3 Dynamic Table The section describes how to configure the Dynamic ARP Inspection Table parameters of the switch. The Dynamic ARP Inspection T able contains up to 1024 entries, and is sorted first by port, then by VLAN ID, then by MAC address, and t hen by IP address .
187 4-3 DHCP Snooping The section describes how to configure the DHCP Snooping parameters of the switch. The DHCP Snoopi ng can preven t at tacker s fr om addi ng the ir own DHCP ser vers to t he net work. 4- 3.1 Configuration This section descri bes how to configure DHCP Snooping setting incl uding ： Snooping Mode (Enabled and Dis abled) Port Mode Configu ration (Truste d, Untr usted) Web Int erf ac e To configur e DHCP Snooping i n the Web i nterface: 1.
LGB5128A User Manual 188 4- 3.2 Statistics The sectio n describes how to show the DHCP Snooping Statist ics in formation of the switch . The stati stics show only pac ket counter s when DHCP snoopi ng mode is enabled and relay mode i s d isab led.
189 Rx and Tx Lease Ac tive : The number of lease act ive (opti on 53 wit h value 13 ) packets received and transmit ted. Auto - refresh : Click the box nex t to auto - refresh and the device will refresh the inform atio n automatically.
LGB5128A User Manual 190 4-4 DHCP Relay The sectio n describes how to f orward DHCP request s to anot her speci fic DHCP serv ers via DHCP rel ay. Th e DHCP se rvers may be on ano ther network . 4- 4.1 Configuration This sect ion descri bes how to configur e DHCP Relay sett ing in cluding ： Relay Mode (Enabled and Disabl ed) Relay S erver IP set ting Relay I nfor mation Mode (En abled and Di sabled) Relay I nfor mation Mode Pol icy ( Replac e, Keep and Dr op) Web Int erf ac e To configur e a DHCP Relay in the Web i nterface : 1.
191 Indicates the D HCP relay info r mati on opti on policy. When DHCP relay infor mati on mode operation is enabled, if agent receives a DHCP m essage that already contains relay agent informa tion it w ill enforce the po licy.
LGB5128A User Manual 192 4- 4.2 Statistics The section describes the switch’s DHCP Relay S tatist ics informat ion. The stati stics show both Server and Client packet counters when DHCP Relay mode i s enabled. Web Int erf ac e To configur e a DHCP Snooping Statist ics Confi guration in the Web interf ace: 1.
193 The number of packets t hat were r eplaced wit h relay agent inf ormation opt ion. Keep Agent Option : The number of packets whose relay agent infor mation was ret ained. Drop Agen t Opti on : The number of packets that were dropped which were received with relay agent informa tion.
LGB5128A User Manual 194 4- 5 NAS The section descri bes how to configur e the NAS parameters of the swit ch. You can use the NAS server to connec t users to a vari ety of resour ces including Interne t acce ss, co nferenc e calls, printi ng documents on shared printers, or by simply logging on to the Internet.
195 Mode : Indicates if NAS is glob ally ena bled or disabled on th e switch stack. If glob ally disab led, all ports are al lowed to for ward frames. Reauthenti cation Enabled : If che cked, s uccessfu lly auth enticated sup plicants/clie nts a re rea uthentica ted a fter the interval specif ied by the Reauthentic ation Period.
LGB5128A User Manual 196 RADIUS - assigned QoS centrally controls the traffic class to which traffic coming from a successfully authenticated supplicant is assigned on the switch. The RADIUS server must be configured to transmit special RADIUS attribute s to take advantage of this feature (see RADIUS - Assign ed QoS Enabl ed below for a detailed descr iption).
197 In th is m ode, the sw itch will s end one EA POL Su ccess fram e w hen the port link com es up, and any client on the port will be allowed network access without authenticati on. Force Unauthorized : In this mode, the switc h will send one EAP OL Failure fram e when the po rt link comes up, and any client on the port will be disallowed net work access.
LGB5128A User Manual 198 In po rt - based 802.1X authentication, once a supplicant is successfully authenticated on a port, the whole port is opened for network traffic. This allows other clients connected to the port (for instance through a hub) to piggyback on the successf ully authenticated client and get network access even though they really aren't authenticat ed.
199 order to successfully identify a QoS Class. The User - Priorit y - Table attribute defined in RFC4675 forms the ba sis for iden tifying the Q oS Clas s in an Ac cess - Accept packet. Only the first occurren ce of the attrib ute in the packet will be considered , and to be valid, it must fol low thi s r ule: • All 8 oc tets in the a ttr ibute's value m ust be identica l and co nsist of ASCII cha racters in the range 0 – 3, which transl ates into the desired QoS Cl ass in the range [0; 3] .
LGB5128A User Manual 200 Request Identity frames. If the number of transmission s of such frames exceeds Max. Reauth. Count and no EAPOL frames have been received in the meantime, the switch considers entering the Guest V LAN.
201 4- 5.2 Switch Status The sect ion desc ribes each switch port’s NAS st atus i nformation. The status incl udes Admin State Po rt St ate, La st Sourc e, Last ID, QoS Class, and Por t VLAN I D. Web Int erf ac e To configur e a NAS Switc h Status Configurati on in t he Web int erface: 1.
LGB5128A User Manual 202 Auto - refresh : Click the box nex t to auto - refresh and the device will refresh the inform ation autom atically. Upper ri ght i con (Ref resh): Click on t hese i cons t o ref resh the NAS Switc h Stat us manua lly.
203 4- 5.3 Port Status The secti on provid es detai led NAS statist ics for a specific switch port running EAP OL - based IEEE 8 02.1X authentication. Web Int erf ac e To configur e a NAS Port Status Conf igurati on in the Web interf ace: 1.
LGB5128A User Manual 204 • Single 802.1X • Multi 802.1X Backend Server Counters : These backend (RADIUS) frame counters are available for the following administrative states : • Port - based 802.1X • Single 802.
205 Shows the date and time of the last authentication of the client (successful as well as unsuccessful). Auto - refresh : Click the box nex t to auto - refresh and the device will refresh the inform ation autom atically.
LGB5128A User Manual 206 4- 6 AAA This section shows you to use an AAA (Authentic ation, Authorizat ion, Accounting) server to provide access control to your network. The AAA server can be a TAC ACS+ or RADIUS server to create and manage objects that contain setti ngs for using AAA servers.
207 Figure 4- 5.3 .3 : The RADIUS Configuration Figure 4 - 5.3 .4 : The RADIUS Accounti ng Configuration Figure 4 - 5.3 .4 : The TACACS+ Authentication Configurati on Parameter de scripti on: Timeout : T he Timeout, which can be set to a number between 3 and 3600 seconds, is the m axim um time to w ait for a reply from a se rver.
LGB5128A User Manual 208 RADIUS Aut henti catio n Serv er Conf igur ation The table has one ro w for each RADI US Authent icati on Server and a number of columns, which are: # : T he RADIUS Authenticati on Server number f or which the configuration below applies.
209 Secret : The secret — up t o 29 characters l ong — shared between the TACACS+ Authentication Server an d the switch stack. Buttons: Save – Click to sa ve changes. Reset - Click to und o any changes made locally and revert to previously saved values.
LGB5128A User Manual 210 The IP address and UDP port number (in <IP Address>:<UDP Port> notation) of this server. State : The current state of the s erver. Thi s fiel d has one of the f ollowing values: Disabl ed: Th e serv er is disa bled.
211 Parameter de scripti on: Auto - refresh : Click the box nex t to auto - refresh an d the device w ill refresh the inform ation autom atically. Upper ri ght i con (Ref resh, Clear) : Click on thes e icons to refresh the RADIUS Sta tist ics infor mation by manual or to clear a ll entries.
LGB5128A User Manual 212 Parameter de scripti on: System Conf igurat ion Mode : Indicates if Limit C ontrol is globa lly en abled or disa bled on the sw itch sta ck. If globally disabled, other modules m ay still use the underlying functionality, but limit checks and corresponding actions are disabled.
213 1) Boot t he stac k or e lect a new mast er swit ch, 2) Disabl e and re - enable Li mit Control on the port or the swit ch stack. 3) Click the Reopen butt on. Trap & Shutdown: If Limit + 1 MAC addresses is seen on the port, both the "Trap" and the "Shutdown" ac tions described abo ve will be taken.
LGB5128A User Manual 214 4- 7.2 Switch Status This section shows th e Port Security status. Port Security is a module with no direct configuration. Configuration comes indirectly from other modules — the user m odules.
215 Each of the user m odules has a column that shows whether that module has enabled Port Securit y or not. A ' - ' m ean s th at the co rrespo nding us er module is not enabl ed, whereas a letter in dicates that the user module abbreviated by that letter (see Abbr ) has enabled port security.
LGB5128A User Manual 216 4- 7.3 Port Status This section shows the MAC addresses secured by the Port Security module. Port Security is a module with no di rect confi guration. Confi guration comes i ndirectly from other modules — the user modules.
217 4- 8 Access Management This section shows you to configure access management table of the Switch including HTTP/HTTPS, SNMP, and TEL NET/SSH. You can manage the Swit ch over an Ethe rnet LAN, or over the Internet. 4- 8.1 Configuration This section shows you how to con figure access manag ement tabl e of the Sw itch.
LGB5128A User Manual 218 HTTP / HTTPS : Indicates that the h ost can access the switch from HTTP/HTTPS interface if the host IP address matches the IP address range provided in the entry. SNMP : Indicates that the host can acce ss th e sw itch fro m SNMP inte rface if the host IP addre ss match es t he I P a ddres s r ange prov ided in the ent ry.
219 4- 8.2 Statistics This sectio n describes det ailed stat istics for the Access Management i ncluding HTTP, HTTPS, SSH. TELNET, and SSH. Web Int erf ac e To configur e an Assess Management Stat istics in the Web interf ace: 1.
LGB5128A User Manual 220 4-9 SSH This secti on shows you to use SSH (Secure SHell) to secur ely access the Switch. SSH is a secure comm unication protocol that combines authentication and data e ncryption to p rovide secure encrypted commu nication.
221 4-10 HTTPs This section shows you how to use HTTPS to securely access the Switch. HTTPS is a secure communication protocol that com bines authentication and data encryption to provide secure encrypted communication via the br owser.
LGB5128A User Manual 222 4-11 Auth Method This page shows how a user is authenticat ed when he logs into the switch stack via one of the man agem ent client inte rfaces. Web Int erf ac e To configur e a Authent ication Method Confi guration in the Web interfa ce: 1.
223 Chapte r 5. Maintenance Thi s chapte r des cr i be s switch Maintenance confi gur at i on task s to enhance the performance of the local network, includi ng Restart Device, Firmware upgrade, Save/Rest ore, Import/ Export , and Diagnost ics.
LGB5128A User Manual 224 5- 2 Firmware This section describes how to upgrade Firmware. The Switch can be enhanced with more value - added functions by instal ling fir mware upgrades. 5- 2.1 Firmware Upgrade This page f acili tates an update of the fir mware control ling t he Web Int erf ac e To configur e a Fir mware Upgrade Confi guration in the Web interf ace: 1.
225 5- 2.2 Firmware Selection The switch supports Dual image for firmware redund ancy purpose. You can select the firmware imag e for your device start firm ware or op erating firmware. Th is page prov ides informa tion a bout the active and altern ate (b ackup ) firm ware image s in the devic e, an d allo ws you to revert to the alternate i mage.
LGB5128A User Manual 226 NOTE: 1. In case the a ctive firmware im age is the alterna te image, o nly the "A ctive Im age" tab le is show n. In this case, the Activate Alternate Image button is also disabled. 2. If the alternate image is active (du e to a cor ruption of th e primary image or by manual inter vent ion), upl oading a new firmware image to the dev ice will auto matically u se the prim ary image slot and a ctivate th is.
227 5-3 Save / Restore Thi s section des cri be s how to save and restore the Switch configuration, including reset to Factory Def aults, Save Start, Save Users , or Rest ore Users for any maintenance ne eds. 5- 3.1 Factory Defaults Thi s section des cri be s how to reset the Switch configurati on to Factory Defaults.
LGB5128A User Manual 228 5- 3.3 Save User This section descri bes how to save users inf ormation. Any current conf igurati on fi les will be saved as XML format. Web Int erf ac e To configur e a Save Us er Confi gurati on i n the Web in terfa ce: 1.
229 5-4 Export / Import This sec tion describes how to expor t and import the Switch configur ation. Any current configuration fil es will be exported as XML format. 5- 4.1 Export Config This section describe s how to export the Switch Configuration for maintenance needs.
LGB5128A User Manual 230 5- 4.2 Import Config This section describe s how to export the Switch Configuration for maintenance needs. Any current configuration files will be exported as XML format. Web Int erf ac e To configure an Import Confi g Configuration in t he Web interface: 1.
231 5-5 Diagmostics This section provides a set of basic system diagnosis. It let users know that w hether the system is healthy or needs to be f ixed. The basic system check includes ICMP Ping, ICMPv6, and VeriPHY Cable Di agnostics .
LGB5128A User Manual 232 5- 5.2 Ping6 This section allows you to issue ICMP v6 PING packets to troubleshoot IPv6 connecti vity issues. Web Int erf ac e To configur e an ICMPv6 PING Config urati on in the Web int erfac e: 1.
233 5- 5.3 VeriPHY This section is used for running the VeriPHY Cable Diagnostics. Press to run the diagnostics. This will take appr oximately 5 seconds. If all ports are sele cted, this can ta ke approximately 15 seconds.
A. Glossary of Web - based Management A ACE ACE is an ac ronym for Acce ss Con trol Entry . It describ es acce ss perm ission a ssociate d with a part icul ar ACE ID. There are t hree ACE fr ame types ( Et hernet Type , ARP , and IPv4 ) and two ACE a ctions (permit and d eny).
235 Aggregation Using multip le po rts i n par allel to incre ase t he li nk spe ed beyo nd the limi ts o f a port and to increas e the redundancy fo r higher availability. (Also Port Aggregation , Link A ggrega tion). ARP ARP is an ac ronym for Addr ess Res olution P rotocol.
LGB5128A User Manual 236 The DHCP server e nsures that all I P addresses are unique, for example, no I P address is assigned to a second client while the f irst cl ient's ass ignment is val id (its lease has not expired). Ther efore, IP address pool management i s done by the server and not by a human network administr ator.
237 EEE EEE is an ab breviatio n for Ene rgy Effic ient Ethe rnet de fined in IE EE 80 2.3az. EPS EPS is an ab breviatio n for Eth ernet Pr otection S witchin g define d in ITU /T G.80 31. Ethernet Type Ethernet Type , or EtherTy pe, is a field i n the Ethernet MAC header, defi ned by the Ethernet network ing st andard.
LGB5128A User Manual 238 HTTPS HTTPS is an acro nym for Hypert ext Tran sfer Pro tocol ove r Secu re S ocket Layer. It is used to indi cate a secure HTTP connection. HTTPS pro vide a uthent icati on and encry pted c ommunicat ion a nd is widel y used on t he Worl d Wi de Web for se cur it y - sensitive communic ation such as payment transact ions and corporate logons.
239 IP IP is an a cronym for Inter net Prot ocol. It is a protoco l used fo r comm unicatin g data a cross an Internet network. IP is a "be st effort" sys tem, wh ich mea ns that no packet o f informa tion sent over is assured to reac h its dest ination in the same condit ion it was sent.
LGB5128A User Manual 240 LOC is an a cronym for Los s Of Co nnectivity and is d etected by a M EP. It ind icates lo st connectivity in the network. Can be used as switch cri teria by EPS . M MAC Table Switchin g of frames i s based upon the DMAC address contai ned in the f rame.
241 NetBIOS is an acrony m for Network Basi c Input/Output System. It is a progr am that allows applicat ions on separat e computers to communicate within a Local Area Network (LAN), and it is no t supported o n a Wide Are a Network (WAN).
LGB5128A User Manual 242 PING ping is a progra m that sends a series o f packets over a n etwork or the In ternet to a specific computer to generate a response from that computer. The ot her computer responds with an ackno wledgme n t that it rece ived the p ackets.
243 QCL is an acro nym fo r QoS C ontrol L ist. It is the list table o f QCE s that contains Qo S control entries t o classify a specif ic QoS class on specific traffic obj ects. Each acces sible traff ic obj ect co ntains an ident ifie r to its QCL.
LGB5128A User Manual 244 SMTP SMTP is an ac ronym for Simp le Mail T ransfer Protoco l. It is a tex t - based protocol that uses the Transmissi on Control Prot ocol ( TCP ) and provides a ma il service modele d on the FTP file trans fer service .
245 SyncE SyncE Is an abbre viation for S ynchro nous Eth ernet. It is u sed to syc hronize a networ k “clock frequen cy.” Do not co nfuse this with rea l - time clock synchro nized (IEE E 1588 ). T TACACS+ TACACS+ is an a cronym for Ter minal A cess Co ntroller A ccess C ontrol S ystem Plus.
LGB5128A User Manual 246 U UDP UDP is an acr onym fo r User D atagra m Prot ocol. It is a comm unicatio ns proto col that u ses the Intern et Protoco l (IP ) to excha nge the m essages b etween com puters. UDP is an al ternat iv e to the Transmission Control Protoc ol ( TCP ) that uses the Interne t Protocol (IP) .
72 4 - 7 46 -5 50 0 | black box. co m About Bl ack B o x Black Box pr ovides an extensive range of networking and in fr astruc ture pr oduct s. Y ou’ll fi nd every thing from cabinets and racks and power and su rge prot ec tion product s to media con verters and Ethernet switches all s uppor ted by free , live 2 4 / 7 T e ch support avai lable in 60 seconds or less.
Een belangrijk punt na aankoop van elk apparaat Black Box LGB5128A (of zelfs voordat je het koopt) is om de handleiding te lezen. Dit moeten wij doen vanwege een paar simpele redenen:
Als u nog geen Black Box LGB5128A heb gekocht dan nu is een goed moment om kennis te maken met de basisgegevens van het product. Eerst kijk dan naar de eerste pagina\'s van de handleiding, die je hierboven vindt. Je moet daar de belangrijkste technische gegevens Black Box LGB5128A vinden. Op dit manier kan je controleren of het apparaat aan jouw behoeften voldoet. Op de volgende pagina's van de handleiding Black Box LGB5128A leer je over alle kenmerken van het product en krijg je informatie over de werking. De informatie die je over Black Box LGB5128A krijgt, zal je zeker helpen om een besluit over de aankoop te nemen.
In een situatie waarin je al een beziter van Black Box LGB5128A bent, maar toch heb je de instructies niet gelezen, moet je het doen voor de hierboven beschreven redenen. Je zult dan weten of je goed de alle beschikbare functies heb gebruikt, en of je fouten heb gemaakt die het leven van de Black Box LGB5128A kunnen verkorten.
Maar de belangrijkste taak van de handleiding is om de gebruiker bij het oplossen van problemen te helpen met Black Box LGB5128A . Bijna altijd, zal je daar het vinden Troubleshooting met de meest voorkomende storingen en defecten #MANUAl# samen met de instructies over hun opplosinge. Zelfs als je zelf niet kan om het probleem op te lossen, zal de instructie je de weg wijzen naar verdere andere procedure, bijv. door contact met de klantenservice of het dichtstbijzijnde servicecentrum.